diff options
| author | Dmitry Sivachenko <demon@FreeBSD.org> | 2018-08-16 13:13:57 +0000 |
|---|---|---|
| committer | Dmitry Sivachenko <demon@FreeBSD.org> | 2018-08-16 13:13:57 +0000 |
| commit | 737a6362f260d1eb9e7f8d9c9d532fb7ec84b974 (patch) | |
| tree | be268d4705b953ab846210a0d7c6eadeae0e106f /net/haproxy17/files/patch-src_ssl__sock.c | |
| parent | - Update to 5.3.0 (diff) | |
Repo-copy haproxy->haproxy17 for the upcoming update of haproxy port.
Diffstat (limited to 'net/haproxy17/files/patch-src_ssl__sock.c')
| -rw-r--r-- | net/haproxy17/files/patch-src_ssl__sock.c | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/net/haproxy17/files/patch-src_ssl__sock.c b/net/haproxy17/files/patch-src_ssl__sock.c new file mode 100644 index 000000000000..d67b9127ca80 --- /dev/null +++ b/net/haproxy17/files/patch-src_ssl__sock.c @@ -0,0 +1,45 @@ +--- src/ssl_sock.c.orig 2017-07-07 09:49:34 UTC ++++ src/ssl_sock.c +@@ -794,8 +794,11 @@ static int ssl_sock_load_ocsp(SSL_CTX *c + ocsp = NULL; + + #ifndef SSL_CTX_get_tlsext_status_cb ++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB ++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB 128 ++#endif + # define SSL_CTX_get_tlsext_status_cb(ctx, cb) \ +- *cb = (void (*) (void))ctx->tlsext_status_cb; ++ *cb = SSL_CTX_ctrl(ctx,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,0, (void (**)(void))cb) + #endif + SSL_CTX_get_tlsext_status_cb(ctx, &callback); + +@@ -823,7 +826,10 @@ static int ssl_sock_load_ocsp(SSL_CTX *c + int key_type; + EVP_PKEY *pkey; + +-#ifdef SSL_CTX_get_tlsext_status_arg ++#if defined(SSL_CTX_get_tlsext_status_arg) || defined(LIBRESSL_VERSION_NUMBER) ++#ifndef SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG ++#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG 129 ++#endif + SSL_CTX_ctrl(ctx, SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG, 0, &cb_arg); + #else + cb_arg = ctx->tlsext_status_arg; +@@ -3539,7 +3545,7 @@ int ssl_sock_handshake(struct connection + OSSL_HANDSHAKE_STATE state = SSL_get_state((SSL *)conn->xprt_ctx); + empty_handshake = state == TLS_ST_BEFORE; + #else +- empty_handshake = !((SSL *)conn->xprt_ctx)->packet_length; ++ empty_handshake = SSL_state((SSL *)conn->xprt_ctx) == SSL_ST_BEFORE; + #endif + + if (empty_handshake) { +@@ -3617,7 +3623,7 @@ int ssl_sock_handshake(struct connection + state = SSL_get_state((SSL *)conn->xprt_ctx); + empty_handshake = state == TLS_ST_BEFORE; + #else +- empty_handshake = !((SSL *)conn->xprt_ctx)->packet_length; ++ empty_handshake = SSL_state((SSL *)conn->xprt_ctx) == SSL_ST_BEFORE; + #endif + if (empty_handshake) { + if (!errno) { |